Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
CyberArk Endpoint Privilege Manager
FIN-766
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Edited:
2026-03-27 16:10
Not Verified
What It Detects
Identifies CyberArk EPM-managed workstation endpoints that have no Asset Category assigned. Asset Category classifies workstations by sensitivity or use case (e.g., standard user, privileged admin, developer, kiosk), which determines which EPM privilege policies are applied. Workstations without a category may receive default policies that do not adequately restrict local admin rights, application elevation, or UAC behavior for their intended use.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
Connectors
equals
CyberArk
Asset Type
equals
Workstation
Asset Category
is_empty
Remediation
×
×
×
×
+ Add item
Why It Matters
×
×
×
+ Add item
Save Changes
Export Lucidum